Examples with LoginModuleConfig org.apache.jackrabbit.core.config.LoginModuleConfig used on opensource projects

Search in sources :

Example 1 with LoginModuleConfig

use of org.apache.jackrabbit.core.config.LoginModuleConfig in project jackrabbit by apache.

the class SimpleSecurityManager method init.

//------------------------------------------< JackrabbitSecurityManager >---
/**
     * @see JackrabbitSecurityManager#init(Repository, Session)
     */
public void init(Repository repository, Session systemSession) throws RepositoryException {
    if (initialized) {
        throw new IllegalStateException("already initialized");
    }
    if (!(repository instanceof RepositoryImpl)) {
        throw new RepositoryException("RepositoryImpl expected");
    }
    this.systemSession = systemSession;
    config = ((RepositoryImpl) repository).getConfig().getSecurityConfig();
    // read the LoginModule configuration
    LoginModuleConfig loginModConf = config.getLoginModuleConfig();
    authCtxProvider = new AuthContextProvider(config.getAppName(), loginModConf);
    if (authCtxProvider.isLocal()) {
        log.info("init: using Repository LoginModule configuration for " + config.getAppName());
    } else if (authCtxProvider.isJAAS()) {
        log.info("init: using JAAS LoginModule configuration for " + config.getAppName());
    } else {
        String msg = "No valid LoginModule configuriation for " + config.getAppName();
        log.error(msg);
        throw new RepositoryException(msg);
    }
    Properties[] moduleConfig = authCtxProvider.getModuleConfig();
    // retrieve default-ids (admin and anonymous) from login-module-configuration.
    for (Properties aModuleConfig1 : moduleConfig) {
        if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
            adminID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
        }
        if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
            anonymID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
        }
    }
    // fallback:
    if (adminID == null) {
        log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
        adminID = SecurityConstants.ADMIN_ID;
    }
    if (anonymID == null) {
        log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
        anonymID = SecurityConstants.ANONYMOUS_ID;
    }
    // most simple principal provider registry, that does not read anything
    // from configuration
    PrincipalProvider principalProvider = new SimplePrincipalProvider();
    // skip init of provider (nop)
    principalProviderRegistry = new ProviderRegistryImpl(principalProvider);
    // register all configured principal providers.
    for (Properties aModuleConfig : moduleConfig) {
        principalProviderRegistry.registerProvider(aModuleConfig);
    }
    SecurityManagerConfig smc = config.getSecurityManagerConfig();
    if (smc != null && smc.getWorkspaceAccessConfig() != null) {
        workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
    } else {
        // fallback -> the default simple implementation
        log.debug("No WorkspaceAccessManager configured; using default.");
        workspaceAccessManager = new SimpleWorkspaceAccessManager();
    }
    workspaceAccessManager.init(systemSession);
    initialized = true;
}
Also used : PrincipalProvider(org.apache.jackrabbit.core.security.principal.PrincipalProvider) RepositoryException(javax.jcr.RepositoryException) Properties(java.util.Properties) AuthContextProvider(org.apache.jackrabbit.core.security.authentication.AuthContextProvider) LoginModuleConfig(org.apache.jackrabbit.core.config.LoginModuleConfig) RepositoryImpl(org.apache.jackrabbit.core.RepositoryImpl) SecurityManagerConfig(org.apache.jackrabbit.core.config.SecurityManagerConfig) WorkspaceAccessManager(org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager) ProviderRegistryImpl(org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl)

Example 2 with LoginModuleConfig

use of org.apache.jackrabbit.core.config.LoginModuleConfig in project sling by apache.

the class DelegatingLoginModule method initialize.

public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
    Configuration config = null;
    try {
        config = Configuration.getInstance(JAAS_CONFIG_ALGO_NAME, null, providerName);
    } catch (NoSuchProviderException e) {
        logger.debug("No provider " + providerName + "found so far", e);
    } catch (NoSuchAlgorithmException e) {
        logger.debug("No provider " + providerName + "found so far for fetching JAAS " + "config with algorithm name " + JAAS_CONFIG_ALGO_NAME, e);
    }
    if (config != null) {
        final Thread current = Thread.currentThread();
        final ClassLoader orig = current.getContextClassLoader();
        try {
            current.setContextClassLoader(DelegatingLoginModule.class.getClassLoader());
            loginContext = new LoginContext(appName, subject, callbackHandler, config);
        } catch (LoginException e) {
            loginException = e;
        } finally {
            current.setContextClassLoader(orig);
        }
    } else {
        //No support so far from OSGi so would use default logic used by Jackrabbit
        //to construct the LoginModule
        Properties p = new Properties();
        p.putAll(options);
        BeanConfig bc = new BeanConfig(delegateLoginModuleClass, p);
        LoginModuleConfig lmc = new LoginModuleConfig(bc);
        try {
            delegate = lmc.getLoginModule();
            delegate.initialize(subject, callbackHandler, sharedState, options);
            logger.info("No JAAS Configuration provider found would be directly invoking LoginModule {}", delegateLoginModuleClass);
        } catch (ConfigurationException e) {
            //Behaviour is same as org.apache.jackrabbit.core.security.authentication.LocalAuthContext.login()
            loginException = new LoginException(e.getMessage());
        }
    }
}
Also used : BeanConfig(org.apache.jackrabbit.core.config.BeanConfig) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) ConfigurationException(org.apache.jackrabbit.core.config.ConfigurationException) LoginModuleConfig(org.apache.jackrabbit.core.config.LoginModuleConfig) LoginException(javax.security.auth.login.LoginException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) Properties(java.util.Properties)

Example 3 with LoginModuleConfig

use of org.apache.jackrabbit.core.config.LoginModuleConfig in project jackrabbit by apache.

the class DefaultSecurityManager method init.

//------------------------------------------< JackrabbitSecurityManager >---
/**
     * @see JackrabbitSecurityManager#init(Repository, Session)
     */
public synchronized void init(Repository repository, Session systemSession) throws RepositoryException {
    if (initialized) {
        throw new IllegalStateException("already initialized");
    }
    if (!(repository instanceof RepositoryImpl)) {
        throw new RepositoryException("RepositoryImpl expected");
    }
    if (!(systemSession instanceof SystemSession)) {
        throw new RepositoryException("SystemSession expected");
    }
    this.systemSession = (SystemSession) systemSession;
    this.repository = (RepositoryImpl) repository;
    SecurityConfig config = this.repository.getConfig().getSecurityConfig();
    LoginModuleConfig loginModConf = config.getLoginModuleConfig();
    // build AuthContextProvider based on appName + optional LoginModuleConfig
    authContextProvider = new AuthContextProvider(config.getAppName(), loginModConf);
    if (authContextProvider.isLocal()) {
        log.info("init: use Repository Login-Configuration for " + config.getAppName());
    } else if (authContextProvider.isJAAS()) {
        log.info("init: use JAAS login-configuration for " + config.getAppName());
    } else {
        String msg = "Neither JAAS nor RepositoryConfig contained a valid configuration for " + config.getAppName();
        log.error(msg);
        throw new RepositoryException(msg);
    }
    Properties[] moduleConfig = authContextProvider.getModuleConfig();
    // retrieve default-ids (admin and anonymous) from login-module-configuration.
    for (Properties props : moduleConfig) {
        if (props.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
            adminId = props.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
        }
        if (props.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
            anonymousId = props.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
        }
    }
    // fallback:
    if (adminId == null) {
        log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
        adminId = SecurityConstants.ADMIN_ID;
    }
    if (anonymousId == null) {
        log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
        anonymousId = SecurityConstants.ANONYMOUS_ID;
    }
    // create the system userManager and make sure the system-users exist.
    systemUserManager = createUserManager(this.systemSession);
    createSystemUsers(systemUserManager, this.systemSession, adminId, anonymousId);
    // init default ac-provider-factory
    acProviderFactory = new AccessControlProviderFactoryImpl();
    acProviderFactory.init(this.systemSession);
    // create the workspace access manager
    SecurityManagerConfig smc = config.getSecurityManagerConfig();
    if (smc != null && smc.getWorkspaceAccessConfig() != null) {
        workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
    } else {
        // fallback -> the default implementation
        log.debug("No WorkspaceAccessManager configured; using default.");
        workspaceAccessManager = createDefaultWorkspaceAccessManager();
    }
    workspaceAccessManager.init(this.systemSession);
    // initialize principal-provider registry
    // 1) create default
    PrincipalProvider defaultPP = createDefaultPrincipalProvider(moduleConfig);
    // 2) create registry instance
    principalProviderRegistry = new ProviderRegistryImpl(defaultPP);
    // 3) register all configured principal providers.
    for (Properties props : moduleConfig) {
        principalProviderRegistry.registerProvider(props);
    }
    initialized = true;
}
Also used : AbstractPrincipalProvider(org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider) DefaultPrincipalProvider(org.apache.jackrabbit.core.security.principal.DefaultPrincipalProvider) PrincipalProvider(org.apache.jackrabbit.core.security.principal.PrincipalProvider) RepositoryException(javax.jcr.RepositoryException) AccessControlProviderFactoryImpl(org.apache.jackrabbit.core.security.authorization.AccessControlProviderFactoryImpl) Properties(java.util.Properties) AuthContextProvider(org.apache.jackrabbit.core.security.authentication.AuthContextProvider) SecurityConfig(org.apache.jackrabbit.core.config.SecurityConfig) WorkspaceSecurityConfig(org.apache.jackrabbit.core.config.WorkspaceSecurityConfig) LoginModuleConfig(org.apache.jackrabbit.core.config.LoginModuleConfig) SecurityManagerConfig(org.apache.jackrabbit.core.config.SecurityManagerConfig) WorkspaceAccessManager(org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager) ProviderRegistryImpl(org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl)

Aggregations

Properties (java.util.Properties)3 LoginModuleConfig (org.apache.jackrabbit.core.config.LoginModuleConfig)3 RepositoryException (javax.jcr.RepositoryException)2 SecurityManagerConfig (org.apache.jackrabbit.core.config.SecurityManagerConfig)2 AuthContextProvider (org.apache.jackrabbit.core.security.authentication.AuthContextProvider)2 WorkspaceAccessManager (org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager)2 PrincipalProvider (org.apache.jackrabbit.core.security.principal.PrincipalProvider)2 ProviderRegistryImpl (org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 NoSuchProviderException (java.security.NoSuchProviderException)1 Configuration (javax.security.auth.login.Configuration)1 LoginContext (javax.security.auth.login.LoginContext)1 LoginException (javax.security.auth.login.LoginException)1 RepositoryImpl (org.apache.jackrabbit.core.RepositoryImpl)1 BeanConfig (org.apache.jackrabbit.core.config.BeanConfig)1 ConfigurationException (org.apache.jackrabbit.core.config.ConfigurationException)1 SecurityConfig (org.apache.jackrabbit.core.config.SecurityConfig)1 WorkspaceSecurityConfig (org.apache.jackrabbit.core.config.WorkspaceSecurityConfig)1 AccessControlProviderFactoryImpl (org.apache.jackrabbit.core.security.authorization.AccessControlProviderFactoryImpl)1 AbstractPrincipalProvider (org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial